diff --git a/runbot/controllers/frontend.py b/runbot/controllers/frontend.py
index ebb8a4f9..b35a407b 100644
--- a/runbot/controllers/frontend.py
+++ b/runbot/controllers/frontend.py
@@ -210,6 +210,8 @@ class Runbot(Controller):
         '/runbot/bundle/<model("runbot.bundle"):bundle>/force/<int:auto_rebase>',
     ], type='http', auth="user", methods=['GET', 'POST'], csrf=False)
     def force_bundle(self, bundle, auto_rebase=False, **_post):
+        if not self.env.user.has_group('runbot.group_runbot_advanced_user'):
+            raise Forbidden("Only users with a specific group can do that. Please contact runbot administrators")
         _logger.info('user %s forcing bundle %s', request.env.user.name, bundle.name)  # user must be able to read bundle
         batch = bundle.sudo()._force()
         batch._log('Batch forced by %s', request.env.user.name)